HIGH🇬🇧 English

CVE-2021-39279

CVSS 8.8v3.1pub. 2021-09-07upd. 2024-11-21

Certain MOXA devices allow Authenticated Command Injection via /forms/web_importTFTP. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Moxa Oncell G3470a Lte Eu

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Eu Firmware

    OS
    Moxa
    1.7
  • Moxa Oncell G3470a Lte Eu T

    HW
    Moxa
    wszystkie wersje
  • Moxa Oncell G3470a Lte Eu T Firmware

    OS
    Moxa
    1.7
  • Moxa Tap 323 Eu Ct T

    HW
    Moxa
    wszystkie wersje
  • Moxa Tap 323 Eu Ct T Firmware

    OS
    Moxa
    1.3
  • Moxa Tap 323 Jp Ct T

    HW
    Moxa
    wszystkie wersje
  • Moxa Tap 323 Jp Ct T Firmware

    OS
    Moxa
    1.3
  • Moxa Tap 323 Us Ct T

    HW
    Moxa
    wszystkie wersje
  • Moxa Tap 323 Us Ct T Firmware

    OS
    Moxa
    1.3
  • Moxa Wac 1001

    HW
    Moxa
    wszystkie wersje
  • Moxa Wac 1001 Firmware

    OS
    Moxa
    2.1
  • Moxa Wac 1001 T

    HW
    Moxa
    wszystkie wersje
  • Moxa Wac 1001 T Firmware

    OS
    Moxa
    2.1
  • Moxa Wac 2004

    HW
    Moxa
    wszystkie wersje
  • Moxa Wac 2004 Firmware

    OS
    Moxa
    1.7
  • Moxa Wdr 3124a Eu

    HW
    Moxa
    wszystkie wersje
  • Moxa Wdr 3124a Eu Firmware

    OS
    Moxa
    2.3
  • Moxa Wdr 3124a Eu T

    HW
    Moxa
    wszystkie wersje
  • Moxa Wdr 3124a Eu T Firmware

    OS
    Moxa
    2.3
  • Moxa Wdr 3124a Us

    HW
    Moxa
    wszystkie wersje
  • Moxa Wdr 3124a Us Firmware

    OS
    Moxa
    2.3
  • Moxa Wdr 3124a Us T

    HW
    Moxa
    wszystkie wersje
  • Moxa Wdr 3124a Us T Firmware

    OS
    Moxa
    2.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Command Injection
CWE
Referencje

Powiązane podatności

CVE-2018-11425CRITICAL9.8ten sam produkt

Memory corruption issue was discovered in Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, ...

CVE-2016-8363CRITICAL10.0ten sam produkt

An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-52...

CVE-2024-4640HIGH7.1ten sam produkt

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing ...

CVE-2024-4638HIGH7.1ten sam produkt

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack o...

CVE-2024-4639HIGH7.1ten sam produkt

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack o...